SAP AC UME User Reconciliation Brings Role Uniqueid Instead Of Role Uniquename
(Doc ID 2472278.1)
Last updated on JULY 21, 2020
Applies to:Identity Manager Connector - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
SAP User Management Engine Connector + patch 23743186
Very weird issue is being faced and looks its happening due to changes applied by application of patch 23743186 where changes was done at schedule job level as well as lookups to allow successful provisioning of roles, groups thru request. In this patch 23743186 advise was given to change the "Code Key Attribute =id" value to "Code Key Attribute =uniquename" value for both Role and Group lookup recon schedule jobs.
After this Role and Group lookup are getting values as desired by the fix in patch 23743186 and if one requests entitlement from OIM side then that gets added correctly too but when entitlements are being reconciled thru "SAP AC UME Target User Reconciliation" the value of entitlements being brought is showing id values where the looks have uniquename based values and hence entitlements in recon events are not getting pushed to child tables.
If we change "Code Key Attribute =uniquename"value at lookup recon to original value of "Code Key Attribute =id" value and run the lookup recon to populate the lookup then values in lookup are in sync with values in recon event level for role and group.
This clearly tells that patch 23743186 though is making provisioning works but it fails for reconciliation.
Kindly advise if there is a fix or workaround for this issue.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document